Improve GitHub API error handling and update auth format

Copilot · Lackadaisical-Security · Copilot · commit 7af99820b980 · 2026-01-05T14:33:19.000Z
Co-authored-by: Lackadaisical-Security &lt;205846242+Lackadaisical-Security@users.noreply.github.com&gt;
diff --git a/.github/workflows/stats-tracker.yml b/.github/workflows/stats-tracker.yml
@@ -13,6 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write
+      metadata: read
       
     steps:
     - name: Checkout repository
diff --git a/REALTIME_STATS.json b/REALTIME_STATS.json
@@ -1,13 +1,13 @@
 {
-  "timestamp": "2026-01-05T14:28:11.901823Z",
+  "timestamp": "2026-01-05T14:32:59.155485Z",
   "local": {
-    "commit_count": 2,
+    "commit_count": 3,
     "unique_contributors": 2,
-    "last_commit_date": "2026-01-05 14:26:06 +0000",
+    "last_commit_date": "2026-01-05 14:30:26 +0000",
     "last_commit_message": "Initial plan",
     "current_branch": "copilot/fix-real-time-stats-api",
     "tracked_files": 63,
-    "timestamp": "2026-01-05T14:28:11.912102Z"
+    "timestamp": "2026-01-05T14:32:59.166468Z"
   },
   "github": {}
 }
diff --git a/REALTIME_STATS.md b/REALTIME_STATS.md
@@ -1,6 +1,6 @@
 # Repository Statistics - Real-Time
 
-**Last Updated:** 2026-01-05T14:28:11.901823Z
+**Last Updated:** 2026-01-05T14:32:59.155485Z
 
 ## 📊 Current Statistics
 
@@ -9,10 +9,10 @@
 | Metric | Value |
 |--------|-------|
 | 🌿 Current Branch | `copilot/fix-real-time-stats-api` |
-| 📝 Total Commits | 2 |
+| 📝 Total Commits | 3 |
 | 👥 Contributors | 2 |
 | 📄 Tracked Files | 63 |
-| 🕐 Last Commit | 2026-01-05 14:26:06 |
+| 🕐 Last Commit | 2026-01-05 14:30:26 |
 | 💬 Last Message | Initial plan |
 
 ---
@@ -22,7 +22,7 @@
 Add these to your README.md:
 
 ```markdown
-<img src="https://img.shields.io/badge/commits-2-orange?style=flat-square">
+<img src="https://img.shields.io/badge/commits-3-orange?style=flat-square">
 ```
 
 ---
diff --git a/STATS_HISTORY.json b/STATS_HISTORY.json
@@ -115,5 +115,31 @@
       "timestamp": "2026-01-05T14:28:11.912102Z"
     },
     "github": {}
+  },
+  {
+    "timestamp": "2026-01-05T14:31:28.134321Z",
+    "local": {
+      "commit_count": 3,
+      "unique_contributors": 2,
+      "last_commit_date": "2026-01-05 14:30:26 +0000",
+      "last_commit_message": "Initial plan",
+      "current_branch": "copilot/fix-real-time-stats-api",
+      "tracked_files": 63,
+      "timestamp": "2026-01-05T14:31:28.144853Z"
+    },
+    "github": {}
+  },
+  {
+    "timestamp": "2026-01-05T14:32:59.155485Z",
+    "local": {
+      "commit_count": 3,
+      "unique_contributors": 2,
+      "last_commit_date": "2026-01-05 14:30:26 +0000",
+      "last_commit_message": "Initial plan",
+      "current_branch": "copilot/fix-real-time-stats-api",
+      "tracked_files": 63,
+      "timestamp": "2026-01-05T14:32:59.166468Z"
+    },
+    "github": {}
   }
 ]
diff --git a/realtime_stats_tracker.py b/realtime_stats_tracker.py
@@ -34,18 +34,41 @@ def github_api_request(self, endpoint):
         
         token = self.get_github_token()
         if token:
-            headers['Authorization'] = f'token {token}'
+            headers['Authorization'] = f'Bearer {token}'
         
         try:
             req = urllib.request.Request(url, headers=headers)
             with urllib.request.urlopen(req, timeout=10) as response:
                 return json.loads(response.read().decode())
         except urllib.error.HTTPError as e:
+            # Try to get detailed error message from response body
+            error_msg = None
+            try:
+                error_body = e.read().decode()
+                error_data = json.loads(error_body)
+                error_msg = error_data.get('message', '')
+            except:
+                pass
+            
             if e.code == 403:
-                print(f"⚠️  GitHub API rate limit reached. Set GITHUB_TOKEN env var for higher limits.")
+                if error_msg:
+                    print(f"⚠️  GitHub API error (403): {error_msg}")
+                    if 'rate limit' in error_msg.lower():
+                        print(f"💡 Set GITHUB_TOKEN env var for higher rate limits.")
+                    elif 'credentials' in error_msg.lower() or 'token' in error_msg.lower():
+                        print(f"💡 Check that GITHUB_TOKEN has the correct permissions.")
+                else:
+                    print(f"⚠️  GitHub API access denied (403). Set GITHUB_TOKEN env var with proper permissions.")
+                return None
+            elif e.code == 404:
+                print(f"⚠️  GitHub API endpoint not found (404): {endpoint}")
+                return None
+            else:
+                if error_msg:
+                    print(f"⚠️  GitHub API error {e.code}: {error_msg}")
+                else:
+                    print(f"⚠️  GitHub API error {e.code}: {e.reason}")
                 return None
-            print(f"⚠️  GitHub API error {e.code}: {e.reason}")
-            return None
         except Exception as e:
             print(f"⚠️  Error fetching from GitHub API: {e}")
             return None
